Certification of Classical Confluence Results for Left-Linear Term - - PowerPoint PPT Presentation

Certification of Classical Confluence Results for Left-Linear Term Rewrite Systems

Julian Nagele Aart Middeldorp

Department of Computer Science University of Innsbruck

ITP 2016 August 23, 2016

Introduction

Rewriting

• simple computational model for equational reasoning
• widely used in proof assistants, functional programming,. . .
• this talk: untyped first-order term rewriting

Confluence Criteria

· · · ·

∗ ∗ ∗ ∗

CR

Knuth and Bendix, orthogonality, strongly/parallel/development closed critical pairs, decreasing diagrams (rule labeling), parallel and simultaneous critical pairs, divide and conquer techniques (commutation, layer preservation, order-sorted decomposition), decision procedures, depth/weight preservation, reduction-preserving completion, Church-Rosser modulo, relative termination and extended critical pairs, non-confluence techniques (tcap, tree automata, interpretation), . . .

JN & AM (UIBK) Certification of Classical Confluence Results 2/15

Introduction

Reliable Automatic Confluence Analysis

Literature Confluence Tool algorithms & techniques TRS Proof XML Isabelle/HOL IsaFoR Ce T A theorems & proofs code generation & Haskell compiler accept/reject

JN & AM (UIBK) Certification of Classical Confluence Results 3/15

Critical Pairs

Critical Pairs

Definition

→ is strongly confluent if ← · → ⊆ →∗ · =←

Definition

critical overlap (ℓ1 → r1, C, ℓ2 → r2)µ consists of

• (variable disjoint variants of) rules ℓ1 → r1, ℓ2 → r2
• context C, such that ℓ2 = C[ℓ′] with ℓ′ /

∈ V and mgu(ℓ1, ℓ′) = µ then Cµ[r1µ] ←⋊→ r2µ is critical pair

Theorem (Huet)

If TRS R is linear and s →= · ∗← t and s →∗ · =← t for all t ←⋊→ s then →R is strongly confluent

JN & AM (UIBK) Certification of Classical Confluence Results 4/15

Critical Pairs

Proof by Picture

JN & AM (UIBK) Certification of Classical Confluence Results 5/15

Critical Pairs

Proof by Picture

=

JN & AM (UIBK) Certification of Classical Confluence Results 5/15

Critical Pairs

Proof by Picture

= *

JN & AM (UIBK) Certification of Classical Confluence Results 5/15

Critical Pairs

Critical Pairs

Example

• TRS R

f(f(x, y), z) → f(x, f(y, z)) f(x, y) → f(y, x)

• 4 non-trivial critical pairs

f(f(x, f(y, z)), v) ←⋊→ f(f(x, y), f(z, v)) f(x, f(y, z)) ←⋊→ f(z, f(x, y)) f(z, f(x, y)) ←⋊→ f(x, f(y, z)) f(f(y, x), z) ←⋊→ f(x, f(y, z))

• are strongly closed, hence R is (strongly) confluent

Remark

Right-linearity is a rather unnatural restriction

Theorem (Huet)

If R is left-linear and s − → ∥ t for all s ←⋊→ t then − → ∥ has the diamond property

JN & AM (UIBK) Certification of Classical Confluence Results 6/15

Critical Pairs

Proof by Picture IH

∥ ∥ ∥ ∥ ∥ ∥

JN & AM (UIBK) Certification of Classical Confluence Results 7/15

Critical Pairs

Parallel Rewriting and Measuring Overlap

Definitions (Huet)

• s

{p1,...,pn}

− − − − − − → ∥ t if pi pj for i = j and s|pi →ǫ t|pi for all 1 i, j n

• overlap of peak is H

P1 ← − ∥ s

P2

− → ∥

• =

q∈Q |s|q| where

• Q = {p1 ∈ P1 | ∃p2 ∈ P2. p2 p1} ∪ {p2 ∈ P2 | ∃p1 ∈ P1. p1 p2}
• book keeping required by sets of positions and reasoning about H in Isabelle

became convoluted, inelegant, and in the end unmanageable

Definitions (Toyama)

• C[s1, . . . , sn]

s1,...,sn

− − − − → ∥ C[t1, . . . , tn] if si →ǫ ti for all 1 i n

• overlap of peak is T

t1,...,tn ← − − − − ∥ s

u1,...,um

− − − − − → ∥

• =

s∈S |s| where

• S = {ui | ∃tj. ui ✂ tj} ∪ {tj | ∃ui. tj ✂ ui}

JN & AM (UIBK) Certification of Classical Confluence Results 8/15

Critical Pairs

Example

• TRS R

f(a, a, b, b) → f(c, c, c, c) a → b a → c b → a b → c

• peak after closing critical pair

f(a, a, b, b) f(c, c, c, c) f(b, a, b, b) f(b, b, a, a) ∥ ∥

• T
• a,a,b,b

← − − − − ∥ f(a, a, b, b)

f(a,a,b,b)

− − − − − → ∥

• = 2 since S = {a, b} ∪ ∅
• T

a,b,b ← − − − ∥ f(b, a, b, b)

b,a,b,b

− − − − → ∥

• = 2 since S = {a, b} ∪ {a, b}

JN & AM (UIBK) Certification of Classical Confluence Results 9/15

Critical Pairs

Measuring Overlap in IsaFoR

Definition

Overapproximation of overlap between two parallel steps is multiset defined by

• ✷,a

← − − ∥ s

✷,b

− − → ∥

• = {s}
• C,a1,...,ac

← − − − − − − ∥ s

✷,b

− − → ∥

• = {a1, . . . , ac}
• ✷,a

← − − ∥ s

D,b1,...,bd

− − − − − − → ∥

• = {b1, . . . , bd}
• f (C1,...,Cn),a

← − − − − − − − − ∥ f (s1, . . . , sn)

f (D1,...,Dn),b

− − − − − − − − → ∥

• =

n

• i=1
• Ci,ai

← − − − ∥ si

Di,bi

− − − → ∥

• where a1, . . . , an = a and b1, . . . , bn = b are partitions of a and b such that length
• f ai and bi matches number of holes in Ci and Di for all 1 i n
• compare multisets using multiset extension of superterm relation ✄mul
• ✄mul is well-founded

JN & AM (UIBK) Certification of Classical Confluence Results 10/15

Critical Pairs

Example

Applying this definition for the two peaks from before yields

• f(✷,✷,✷,✷),a,a,b,b

← − − − − − − − − − − − ∥ f(a, a, b, b)

✷,f(a,a,b,b)

− − − − − − − → ∥

• = {a, a, b, b}
• f(b,✷,✷,✷),a,b,b

← − − − − − − − − − − ∥ f(b, a, b, b)

f(✷,✷,✷,✷),b,a,b,b

− − − − − − − − − − − → ∥

• = {a, b, b}

and {a, a, b, b} ✄mul {a, b, b}

Lemma

• C,a

← − − ∥ s

D,b

− − → ∥

• =
• D,b

← − − ∥ s

C,a

− − → ∥

• Ci,ai

← − − − ∥ si

Di,bi

− − − → ∥

• ⊆
• f (C1,...,Cn),a

← − − − − − − − − ∥ f (s1, . . . , sn)

f (D1,...,Dn),b

− − − − − − − − → ∥

• {a1, . . . , ac} ✄=

mul

• C,a1,...,ac

← − − − − − − ∥ s

D,b

− − → ∥

• JN & AM (UIBK)

Certification of Classical Confluence Results 11/15

Critical Pairs

Almost Parallel Closed Critical Pairs

Theorem (Toyama)

If R is left-linear, t − → ∥ s for all inner critical pairs t ←· ⋊→ s, and t − → ∥ · ∗← s for all

• verlays t ←⋉

⋊→ s then − → ∥ is strongly confluent

Proof (Adaptations)

• t

C,a

← − − ∥ s

D,b

− − → ∥ u

• show t −

→ ∥ ∗ · ← − ∥ u and u − → ∥ ∗ · ← − ∥ t

• if C = D = ✷ then assumption for overlays applies
• other cases remain (almost) the same

Remark

• incorporating Toyama’s extension to commutation is straightforward

JN & AM (UIBK) Certification of Classical Confluence Results 12/15

Certification and Experiments

Certification and Experiments

Ce T A

• Ce

T A computes critical pairs

• and checks linearity and joining conditions
• only information required in certificate: bound on length of →∗

CSI on 277 TRSs in Confluence Problem Database

SC PC SC+PC full yes 38 21 41 110 no 48 maybe 239 256 236 119

JN & AM (UIBK) Certification of Classical Confluence Results 13/15

Conclusion

Development Closed Critical Pairs

Theorem (van Oostrom)

If R is left-linear and t − → ○ s for all critical peaks t ←⋊→ s then − → ○ has the diamond property

• nesting of steps makes describing −

→ ○ harder

• need to split off single steps on both sides and combine closing step with

remainder

• due to nesting of redexes this needs non-trivial reasoning about residuals
• need to split off “innermost” overlap to get decrease in measure
• notion of overlap does not carry over

JN & AM (UIBK) Certification of Classical Confluence Results 14/15

Conclusion

Summary

• formalization of two classical confluence results
• strongly closed was straightforward
• (almost) parallel closed was much more involved

Main differences to Paper Proof

• multihole contexts for describing parallel steps
• notion of overlap: collect overlapping redexes in multiset, compare with ✄mul
• future work: development closed
• harder future work: apply to higher-order rewriting

JN & AM (UIBK) Certification of Classical Confluence Results 15/15